package top.lingkang.privatespace.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import top.lingkang.http.FinalSecurityHolder;
import top.lingkang.privatespace.dto.ResponseResult;
import top.lingkang.privatespace.entity.Role;
import top.lingkang.privatespace.entity.User;
import top.lingkang.privatespace.mapper.RoleMapper;
import top.lingkang.privatespace.mapper.UserMapper;
import top.lingkang.utils.FinalPasswordUtils;
import top.lingkang.utils.StringUtils;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

/**
 * @author lingkang
 * Created by 2022/2/15
 */
@Controller
public class AccessController {
    @Autowired
    private FinalSecurityHolder securityHolder;
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private RoleMapper roleMapper;

    @GetMapping("/login")
    public String login() {
        return "login/login-2";
    }

    @PostMapping("login")
    @ResponseBody
    public ResponseResult loginPost(String username, String password, HttpServletRequest request) {
        Object wait = request.getSession().getAttribute("login-fail-wait");
        if (wait != null) {
            long w = ((long) wait - System.currentTimeMillis()) / 1000;
            if (w > 0)
                return new ResponseResult<>().fail("由于你频繁登录错误，请等" + w + "秒再来登录");
            else
                request.getSession().removeAttribute("login-fail-wait");
        }

        User user = userMapper.get(username);
        if (user == null || StringUtils.isEmpty(password) ||
                !FinalPasswordUtils.base64Encoder(password).equals(user.getPassword())) {// MTIz == 123
            Object num = request.getSession().getAttribute("login-fail-number");
            int number = 1;
            if (num != null) {
                number = (int) num;
            }
            number++;
            request.getSession().setAttribute("login-fail-number", number);
            if (number == 5) {
                request.getSession().setAttribute("login-fail-wait", System.currentTimeMillis() + 1000 * 60 * 6);
                request.getSession().removeAttribute("login-fail-number");
            }
            return new ResponseResult<>().fail("用户不存在或密码错误！");
        }

        List<Role> role = roleMapper.getRole(user.getId());

        securityHolder.login(username, role.toArray(new String[role.size()]), null);
        request.getSession().setAttribute("login-fail-number", 0);

        Object forwardPath = request.getSession().getAttribute("forwardPath");
        request.getSession().removeAttribute("forwardPath");
        if (forwardPath == null || "/logout".equals((String) forwardPath)) {
            forwardPath = "/";
        }
        return new ResponseResult().success("登录成功", forwardPath);
    }

    @RequestMapping("/logout")
    public String logout() {
        securityHolder.logout();
        return "redirect:/";
    }

    public static void main(String[] args) {
        System.out.println(FinalPasswordUtils.base64Encoder("123"));
    }
}
